<?php
class Zen_Controller_Plugin_Auth extends Zend_Controller_Plugin_Abstract {


	public function preDispatch(Zend_Controller_Request_Abstract $request) {




		$acl = Zen_Acl::getInstance();
		Zend_Registry::set('acl', $acl);

		$auth = Zend_Auth::getInstance ();

		if ($auth->hasIdentity ())
			$role = $auth->getIdentity ()->role;
		else
			$role = 'guest';
		//TODO Включить
		$rol=new Zend_Acl_Role($role);

        Zend_View_Helper_Navigation_HelperAbstract::setDefaultAcl($acl);
		Zend_View_Helper_Navigation_HelperAbstract::setDefaultRole($rol);




		$controller = $request->controller;
		$action = $request->action;
		$module = $request->module;
		$resource = "mvc:" . $module . ":" . $controller . ":" . $action;
		/* Проверяем уровень доступа пользователя к ресурсу */


		if ($acl->has ( $resource )) {
			if (!$acl->isAllowed ( $role, $resource, null )) {
				if (! $auth->hasIdentity ()) {
					header ( 'Location: /login' );
					exit ();
				} else {
					header('Location: /error');
					exit ();
				}
			}
		}


	}
}